This document sets out what information St Catherines Care Homes Ltd collects from visitors, how it uses the information, how it protects the information and your rights.
St Catherines Care Homes Ltd is committed to ensuring your privacy is protected in accordance with Data Protection Standards.
St Catherines Care Homes Ltd is using the following definition for Personal Data:
|Personal data||Information relating to identifiable individuals, such as job applicants, current and former employees, agency, contract and other staff, clients, suppliers and marketing contacts.
Personal data we gather may include: individuals’ contact details, educational background, financial and pay details, details of certificates and diplomas, education, skills, job title, and CV.
|Sensitive personal data||Personal data about an individual’s racial or ethnic origin, marital status, nationality, political opinions, religious or similar beliefs, trade union membership (or non-membership), physical or mental health or condition, criminal offences, or related proceedings—any use of sensitive personal data will only ever be carried out with the express permission of the individual.|
St Catherines Care Homes Ltd may change this policy from time to time by updating this page. This policy is effective from 1st May 2018 but we ask you to check this page from time to time. Any updates or changes to the use of your personal data will be advised to you, prior to that change of use.
Who We Are?
St Catherines Care Homes Ltd, 9-11 Monson Street, Lincoln, LN5 7RZ
You can contact us by
|Phone :||01522 520643|
|Post:||St Catherines Care Homes Ltd, 9-11 Monson Street, Lincoln, LN5 7RZ
What services do we provide?
St Catherines Care Homes Ltd provide person-centred care and support services including dementia, residential and respite care.
What we collect
The specific information that we collect will vary depending on what services we provide you by way of contract, or what you either provide us explicitly e.g. signing up to a newsletter or perhaps applying for a job at St Catherines Care Homes Ltd.
Typical information will include some or all of the following depending on the services we are providing you:
- Identification and contact data – email address, name, phone number, postal address, next of kin.
- Enhanced identification data – ID documents (driving licence, passport, immigration status).
- Financial Data – bank details, tax and national insurance information, credit card information and who is paying for care.
- Employment Data – CV, training, reference and qualification information.
- Web Related Data – your IP address, geographical data, cookies.
- Health Data – Where there is a need to protect you, our clients or other members of staff we may need to collect specific health data.
- Criminal Records – Where there is a need for us to undertake enhanced verification or legal checks in order for you to work in our sector or for us to undertake specific services on your behalf.
Customers and Residents – why we distinguish them
Monson provides our services to residents within our care. Residents may sometimes be responsible for all the associated care costs. However, sometimes care costs are covered in part or in full by other individuals or organisations.
In circumstances where care costs are being covered in part or full by an individual (or individuals) other than the person receiving the care (our resident), then it will be necessary to process the personal information of all individuals involved in the care provision, both those receiving and those responsible for the financial aspects. We will of course limit the personal data to the minimum information necessary for us to undertake those activities requiring that information.
Collecting Personal Data
When we collect personal data, you will be provided with a privacy notice that will detail:
- Who we are
- What personal information we are collecting
- Why we need it
Legal Basis under which we are processing (typically ‘consent’, ‘contractual obligations’ and/or ‘legitimate interest’) (https://ico.org.uk/for-organisations/guide-to-the-general-dataprotection-regulation-gdpr/lawful-bases-for-processing/)
- What we are going to use it for and any decisions (automated or human) that it will be used for.
- Who that information will be shared with.
- The safeguards we have put in place to protect your information.
- Our standard retention period or legal need to retain that information.
Some of the information we collect is provided here:
- Personal identification data – name, address, passport, immigration status, banking information.
- Sensitive personal data – health/medical/wellbeing, religious, racial.
- Legal Status – your legal status in respect of the services we are undertaking for you, and/or the status of those that can act on your behalf.
How we collect Personal Data
Depending on the nature of our engagement we may collect personal data in a variety of ways.
- We may collect this information directly from you.
- We may collect this information from your relative.
- We may collect this information from a Health Care Professional in the event that you come to us via a health provider (such as the NHS or Social Services).
What we use that Personal Data for
As a general guide we use personal data to:
- Process information relating to job applications. In these circumstances we will use your information for the purpose of screening and selection against criteria for roles within our organisation. Depending on the role we may undertake further screening of your information with third-parties for example to undertake DBS, Criminal Records as well as medical/health checks in order to protect you and our clients. You will be informed of this as part of our recruitment process. Nothing will be shared with a third party without your consent. As an employer we may also be required to provide statistical information as required by employment or industry legislation such as ethnicity, gender etc.
- Newsletters database. If you have explicitly signed up to receive one of our newsletters then your information will be used, in that case, for the specific purpose of sending you the relevant newsletter.If you are an existing customer or have inquired about a product we will send you news about relevant products and services based on your preferences at the time unless you have opted-out of receiving contact from us. You will be asked about this at the time of engagement.
Links to other sites
We provide links to other sites via our website. Because we have no control over these sites, we cannot take responsibility for the practise they may undertake in respect of privacy and/or protecting your Personal Data. We would therefore advise you to satisfy yourselves that these sites are operating privacy policies that inform you how they handle and protect your data – as we cannot take any responsibility for this.
Third Parties – Service Providers, Business Partners and others
We work with a number of third-party services providers who undertake services for us, these include:
|Service Provider or Provider Type||Service Provided to us or you|
|GP, Medical Assessment, Occupational Health||Potentially to assess your ability to work for us and to ensure we can meet your needs. In the case of you being a resident, this will be necessary to ensure that we can meet your needs initially and on an ongoing basis. This is on the basis of protecting your vital interests as well as those of our staff and clients.|
|Health Care providers in the event of an emergency||To ensure that in the event you become unwell we are able to provide the necessary information to assist with you receiving the necessary medical attention. This is to protect your vital interests.|
|Your previous employer or references||Provision of feedback on your previous roles or you as an individual, this on the basis of our legitimate interests.|
|Professional Bodies and Certification Boards||To ensure that you have the necessary professional certifications required for us to employ you and for any ongoing sector specific requirements of professional competence. This on the basis of our legitimate interests.|
|Health and Life Insurance bodies||In the event that you travel on business and/or are entitled to private medical or life insurance we are required to pass on certain information to the companies that provide these services on our behalf. This is on the basis of our contractual obligations with you.|
In most cases you will be made aware of the parties that we share information with, prior to us sharing this information.
Where we may share your information without your explicit consent
We may be required or chose to share your information in certain circumstances without obtaining your explicit consent, some examples of this would be:
- To comply with any legal process, applicable law or governmental request e.g. warrant, subpoena, statutory reporting, sector specific compliance
- To enforce/administer our agreements
- To protect our company or the public from harm or illegal activities
- For fraud prevention, investigation, risk assessment
- To protect the rights and property of our company
- To defend ourselves against third-party claims or allegations
In any event, we will consider your rights and privileges before sharing this information.
How you can help protect your Personal Data
In all cases, the information we require to obtain for you is necessary in the provision or assessment of the provision of services to you. We rely on this information being accurate and up to date, which is in part our responsibility as well as yours.
However, in many cases you are able to limit the use of your information for services that do not require your data. However, limiting your information may result in you not being able to receive that optional service.
Changes to your Personal Data
In the event that your Personal Data, that we use to provide you goods or services, changes e.g. your surname, address, email address or Sensitive Personal Data e.g. Religion, Health Data – it is critical that you inform us of these changes to ensure we have the correct information on our systems. Where you have access to administer these changes yourself we would expect you, if you are able, to update these details accordingly or else inform us of changes as soon as possible.
What Are Cookies
For more general information on cookies see the Wikipedia article on HTTP Cookies.
You can prevent the setting of cookies by adjusting the settings on your browser (see your browser Help for how to do this). Be aware that disabling cookies will affect the functionality of this and many other websites that you visit. Disabling cookies will usually result in also disabling certain functionality and features of our site. Therefore it is recommended that you do not disable cookies.
The Cookies We Set
- Forms related cookies
When you submit data to through a form such as those found on contact pages, cookies may be set to remember your user details for future correspondence.
You can opt-out of allowing cookies by instructing your browser to stop accepting cookies or to prompt you before accepting a cookie from a website you visit, by changing the settings within your browser software.
(a) First Party Cookies: These cookies are created by monsonrh.co.uk to enable the functionality of various aspects of our website, typically random numbers and letters (PHP session cookie) which identifies a specific user’s session. This will expire when you leave the website.
(b) Third Party Cookies: These are created by companies to provide various services which we use to enhance our site. The only one we use is Google Analytics used to determine where visitors are coming from and what content they are looking at. No personal information is collected by Google Analytics. Cookies beginning with _ga, _gat, _utm(x) are used to collect information about traffic and user activity.
For more information on Google Analytics cookies, see the official Google Analytics page.
We also use social media buttons and/or plugins on this site that allow you to connect with your social network in various ways. For these to work the following social media sites including; Facebook, Twitter, Pinterest, Google+, LinkedIn, will set cookies through our site which may be used to enhance your profile on their site or contribute to the data they hold for various purposes outlined in their respective privacy policies.
St Catherines Care Homes Ltd operates a Privacy By Design and By Default policy. This means that before we use your data we have already considered the potential impact on you were your data to be lost, stolen, shared or compromised.
We undertake routine reviews of our processes and security policies in order to ensure that we can take all reasonable precautions in protecting your data.
Where at all possible we encrypt all information that is either stored or transmitted to third-parties.
Where data is stored or transmitted to a Third Country (any country outside of the European Economic Area (EEA)) we will ensure appropriate adequacy protection is in place in accordance with Data Protection Legislation.
Consequently we may also need to sometimes undertake further security and screening questions when undertaking our routine dealings with you these are there to protect your personal data and security.
Whilst we undertake all reasonable precautions, encryption, software updates and patches, we cannot guarantee the safety of data transmitted over the internet.
In the event of a data breach of your personal data, which means:
“The unintended loss, destruction amendment or disclosure of personal data”
We will first do all that is necessary in order to minimise the impact on you, identify any potential malicious third-party, identify any third-parties that may also be impacted and take all reasonable efforts to ensure that you are notified.
In the event that we are notified by a third-party of a breach, in their systems, we will undertake the same level of efforts.
We will undertake this communication either directly with you as an individual or by sending out a public notification.
At the same time we will comply with the current law in respect of informing the appropriate supervisory authority which is currently the Information Commissioners Office (ICO). We are under a legal requirement to report Data Breaches to the ICO.